Does WP Sitemap Page have any unpatched vulnerabilities?

No. All known vulnerabilities in WP Sitemap Page have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WP Sitemap Page compatible with WordPress 6.8.5?

According to WordPress.org data, WP Sitemap Page 1.9.5 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

How often is WP Sitemap Page updated?

WP Sitemap Page was last updated on Apr 15, 2025. Frequent updates are generally a positive security signal.

What is WP Sitemap Page's security score?

WP Sitemap Page has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WP Sitemap Page Security & Risk Analysis

wordpress.org/plugins/wp-sitemap-page

Add a sitemap on any of your page using the simple shortcode [wp_sitemap_page]. Improve the SEO and navigation of your website.

300K active installs v1.9.5 PHP + WP 3.0+ Updated Apr 15, 2025

generatorhtml-sitemappage-listsite-mapsitemap

A · Safe

CVEs total1

Unpatched0

Last CVESep 7, 2021

Plugin page Download

Safety Verdict

Is WP Sitemap Page Safe to Use in 2026?

Generally Safe

Score 100/100

WP Sitemap Page has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Sep 7, 2021Updated 11mo ago

Risk Assessment

The plugin 'wp-sitemap-page' v1.9.5 exhibits a generally good security posture based on the provided static analysis. The absence of dangerous functions, external HTTP requests, file operations, and the exclusive use of prepared statements for SQL queries are positive indicators. Furthermore, the low number of entry points and the lack of immediately apparent unprotected ones suggest a controlled attack surface. However, the presence of one known medium severity vulnerability, a cross-site scripting (XSS) issue from 2021, warrants attention. While currently unpatched, it's noted that there are no *currently* unpatched CVEs, suggesting it might have been addressed in a subsequent version or is not actively exploited. The low percentage of properly escaped output (89%) indicates a small potential for XSS vulnerabilities, though the analysis did not find specific flows.

Key Concerns

1 known medium CVE (XSS) historically
11% of output not properly escaped
No nonce checks present
No capability checks present

Vulnerabilities

WP Sitemap Page Security Vulnerabilities

CVEs by Year

1 CVE in 2021

2021

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2021-24715medium · 4.8Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

WP Sitemap Page <= 1.6.6 - Admin+ Stored Cross Site Scripting

Sep 7, 2021 Patched in 1.7.0 (868d)

Code Analysis

Analyzed Mar 16, 2026

WP Sitemap Page Code Analysis

Dangerous Functions

Raw SQL Queries

1 prepared

Unescaped Output

39 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared1 total queries

Output Escaping

89% escaped44 total outputs

Attack Surface

WP Sitemap Page Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[wp_sitemap_page] wp-sitemap-page.php:478

WordPress Hooks 5

actionplugins_loadedwp-sitemap-page.php:24

actionadmin_menuwp-sitemap-page.php:153

filterplugin_row_metawp-sitemap-page.php:186

actionadmin_initwp-sitemap-page.php:239

filterwp_list_pageswp-sitemap-page.php:659

Maintenance & Trust

WP Sitemap Page Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedApr 15, 2025

PHP min version

Downloads3.4M

Community Trust

Rating96/100

Number of ratings205

Active installs300K

Alternatives

WP Sitemap Page Alternatives

WP Sitemap Pages and Posts

wp-sitemap-pages-and-posts

An easy way to add a sitemap on one of your pages becomes reality thanks to this WordPress plugin. Just use the shortcode [wpspap_sitemap] on any of y …

1K No CVEs

Easy HTML Sitemap

easy-html-sitemap

Easy HTML Sitemap - Display an HTML Sitemap for your wordpress pages using a shortcode. The sitemap is updated in realtime.

700 No CVEs

SEO Sitemap Generator with fetch urls

seo-sitemap-generator-with-fetch-urls

Automatic generate xml sitemap for search engine and fetch urls in webmaster tools

200 No CVEs

XML Sitemap Generator By Kaboom

xml-sitemap-generator-by-kaboom

The best sitemap generator which is very easy to configure and has multilingual support (WPML). This plugin will generate a XML and a HTML sitemap.

100 No CVEs

XML Sitemap Generator for Google

google-sitemap-generator

Generate multiple types of sitemaps to improve SEO and get your website indexed quickly.

1.0M 3 CVEs

Developer Profile

WP Sitemap Page Developer Profile

Tony Archambeau

1 plugin · 300K total installs

trust score

Avg Security Score

100/100

Avg Patch Time

868 days

View full developer profile

Detection Fingerprints

How We Detect WP Sitemap Page

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wp-sitemap-page/css/style.css/wp-content/plugins/wp-sitemap-page/css/wp-sitemap-page.css/wp-content/plugins/wp-sitemap-page/js/wp-sitemap-page.js

Script Paths

/wp-content/plugins/wp-sitemap-page/js/wp-sitemap-page.js

Version Parameters

wp-sitemap-page/css/style.css?ver=wp-sitemap-page/css/wp-sitemap-page.css?ver=wp-sitemap-page/js/wp-sitemap-page.js?ver=

HTML / DOM Fingerprints

CSS Classes

wp-sitemap-page-menu

Data Attributes

id="wsp-sitemap-page"

Shortcode Output

[wp_sitemap_page]

FAQ